ISS customers targeted in worm attack

The worm, Witty.A, exploits a hole in the firm’s firewall products, such as RealSecure and BlackICE, and, experts report, is similar to the Blaster virus, which caused millions of dollars worth of damage last year.

The worm is designed to spread by itself without traveling via emails or attachments. It has the potential to delete and overwrite random sectors of hard drives.

ISS responded to the threat by issuing a patch and issued a statement on its website that read: “The Witty worm uses hard-coded addresses and only has the ability to infect certain builds of the Protocol Analysis Module (PAM). The Witty worm is destructive to the target system, and overwrites key hard disk sectors after sending out its payload. The junk data written to disk may impact system stability and cause a ‘blue screen’ to occur upon reboot.”